So today I suddenly started getting pop-ups on my laptop in Firefox, despite having pop-up blocking, AdBlockPlus, AVG, etc. (I suspect they were coming either from engadget.com, would surprise the hell out of me that they'd be the source, but the ad pop-ups did stop after closing their page - makes me wonder if they got hacked specifically for the increased traffic they'd get as official blog of CES). I always closed the pop-ups as they appeared, as I know better than to click on pop-up ads, for this very reason.
However, I suddenly found my desktop with "Internet Security 2010" on it, and repeated AVG warnings of infected DLLs. As suspected, this is the latest version of the old "Anti-Virus 200x" rogue software, which is basically an extortion scheme to get you to buy a full version of itself to remove it.
Having warned many co-workers and clients of this virus, I'm extremely embarrassed to have been hit by it. As I've had to recommend to others, I tried running Malwarebytes (combined with rkill.exe), but had tons of problems doing it. Eventually, I was able to do a System Restore (which also would not run until running rkill), and now I seem to be free of the virus (no fake virus infection warnings, and the IS2010 icon is gone from my desktop) after running Malwarebytes in Safe Mode.
The problem I now have is that there may be some remnant of the trojan which is turning off my hard drive after a few minutes when running in Normal mode, keeping me from performing further cleanup, or running just about any apps at all. I tried running another Malwarebytes full scan in Safe Mode again, and it found MANY more infections, but it still did not fix the HD turning off.
Any suggestions? This is a Dell Inspiron 1520, which has a hidden partition containing the original factory image, but I'd like to avoid reimaging the HD (and I'm not even sure that will be possible, since the last scan found "rootkit.mbr", which I understand may affect the master boot record, thereby keeping me from using the built-in imaging utility).
However, I suddenly found my desktop with "Internet Security 2010" on it, and repeated AVG warnings of infected DLLs. As suspected, this is the latest version of the old "Anti-Virus 200x" rogue software, which is basically an extortion scheme to get you to buy a full version of itself to remove it.
Having warned many co-workers and clients of this virus, I'm extremely embarrassed to have been hit by it. As I've had to recommend to others, I tried running Malwarebytes (combined with rkill.exe), but had tons of problems doing it. Eventually, I was able to do a System Restore (which also would not run until running rkill), and now I seem to be free of the virus (no fake virus infection warnings, and the IS2010 icon is gone from my desktop) after running Malwarebytes in Safe Mode.
The problem I now have is that there may be some remnant of the trojan which is turning off my hard drive after a few minutes when running in Normal mode, keeping me from performing further cleanup, or running just about any apps at all. I tried running another Malwarebytes full scan in Safe Mode again, and it found MANY more infections, but it still did not fix the HD turning off.
Any suggestions? This is a Dell Inspiron 1520, which has a hidden partition containing the original factory image, but I'd like to avoid reimaging the HD (and I'm not even sure that will be possible, since the last scan found "rootkit.mbr", which I understand may affect the master boot record, thereby keeping me from using the built-in imaging utility).
Facebook
Twitter